Skip to main content

Adobe Acrobat & Reader for Windows Remote Code Execution Vulnerability

Last Update Date: 13 Aug 2014 14:41 Release Date: 13 Aug 2014 4274 Views

RISK: Extremely High Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

A vulnerability was identified in Adobe Acrobat and Reader. A remote user can cause arbitrary code to be executed on the target user's system.

 

A remote user can create a specially crafted file that, when loaded by the target user, will bypass sandbox protections and execute arbitrary code on the target system.

 

Note: This vulnerability is being actively exploited.


Impact

  • Remote Code Execution

System / Technologies affected

  • Adobe Acrobat XI (11.0.07) and prior for Windows
  • Adobe Acrobat X (10.1.10) and prior for Windows
  • Adobe Reader XI (11.0.07) and prior for Windows
  • Adobe Reader X (10.1.10) and prior for Windows

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 10.1.11 for Adobe Acrobat/ Reader X
  • Update to version 11.0.08 for Adobe Acrobat/ Reader XI

Vulnerability Identifier


Source


Related Link